/*
 * Copyright 2010 Kevin L'Huillier <klhuillier@gmail.com>
 * 
 * Licensed under the Apache License, Version 2.0 (the "License"); you may not
 * use this file except in compliance with the License. You may obtain a copy of
 * the License at
 * 
 * http://www.apache.org/licenses/LICENSE-2.0
 * 
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
 * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
 * License for the specific language governing permissions and limitations under
 * the License.
 */

package org.lhuillier.pwsafe.io;


/**
 * Before a password is used to encrypt or decrypt a database, it is first
 * stretched by adding a salt and running a digest algorithm several times.
 * The password can be discarded at this point as only the stretched key
 * is used.
 * <p>
 * This key can safely be stored in memory for the purposes of validating a
 * password to unlock a DB and for re-encrypting. After the a password is
 * validated, it is recommended a new salt be generated to create a new 
 * stretched key.
 */
public interface StretchedKey {
    byte[] getKey();
    byte[] getSalt();
    int getIterations();
    boolean validPassword(String password);
    StretchedKey resalt(String password);
}
